I'm trying to setup a forwarding only email server. I'm running into the problem where all messages forwarded via postfix are getting put into gmail's spam folder and getting flagged as forged. I'm testing a very similar setup on a cpanel box and their forwarded emails make it through without any problem.
Things I've done:
- Setup reverse dns on forwarding box
- Setup SPF record for forwarding box domain
CPanel route (not flagged as spam): mail@personaldomain.com -> mail@kendall.domain.com -> personaluser@gmail.com
AWS postfix route (flagged as spam): mail@personaldomain.com -> mail@personaldomain2.com -> personaluser@gmail.com
Gmail error message:
/etc/postfix/main.cf
myhostname = sputnik.*domain*.com
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
myorigin = /etc/mailname
mydestination = sputnik.*domain*.com, localhost.*domain*.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 10.0.0.0/24 [::1]/128 [fe80::%eth0]/64
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
Email forwarded by CPanel (doesn't get marked as spam):
Delivered-To: *personaluser*@gmail.com
Received: by 10.182.144.98 with SMTP id sl2csp14396obb;
Wed, 9 May 2012 09:18:36 -0700 (PDT)
Received: by 10.182.52.38 with SMTP id q6mr1137571obo.8.1336580316700;
Wed, 09 May 2012 09:18:36 -0700 (PDT)
Return-Path: <mail@*personaldomain*.com>
Received: from web6.*domain*.com (173.193.55.66-static.reverse.softlayer.com. [173.193.55.66])
by mx.google.com with ESMTPS id ec7si1845451obc.67.2012.05.09.09.18.36
(version=TLSv1/SSLv3 cipher=OTHER);
Wed, 09 May 2012 09:18:36 -0700 (PDT)
Received-SPF: neutral (google.com: 173.193.55.66 is neither permitted nor denied by best guess record for domain of mail@*personaldomain*.com) client-ip=173.193.55.66;
Authentication-Results: mx.google.com; spf=neutral (google.com: 173.193.55.66 is neither permitted nor denied by best guess record for domain of mail@*personaldomain*.com) smtp.mail=mail@*personaldomain*.com
Received: from mail-vb0-f43.google.com ([209.85.212.43]:56152)
by web6.*domain*.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.77)
(envelope-from <mail@*personaldomain*.com>)
id 1SS9b2-0007J9-LK
for mail@kendall.*domain*.com; Wed, 09 May 2012 12:18:36 -0400
Received: by vbbfq11 with SMTP id fq11so599132vbb.2
for <mail@kendall.*domain*.com>; Wed, 09 May 2012 09:18:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-originating-ip:date:message-id:subject:from:to
:content-type:x-gm-message-state;
bh=Hr0AH40uUtx/w/u9hltbrhHJhRaD5ubKmz2gGg44VLs=;
b=IBKi6Xalr9XVFYwdkWxn9PLRB69qqJ9AjUPdvGh8VxMNW4S+hF6r4GJcGOvkDn2drO
kw5r4iOpGuWUQPEMHRPyO4+Ozc9SE9s4Px2oVpadR6v3hO+utvFGoj7UuchsXzHqPVZ8
A9FS4cKiE0E0zurTjR7pfQtZT64goeEJoI/CtvcoTXj/Mdrj36gZ2FYtO8Qj4dFXpfu9
uGAKa4jYfx9zwdvhLzQ3mouWwQtzssKUD+IvyuRppLwI2WFb9mWxHg9n8y9u5IaduLn7
7TvLIyiBtS3DgqSKQy18POVYgnUFilcDorJs30hxFxJhzfTFW1Gdhrwjvz0MTYDSRiGQ
P4aw==
MIME-Version: 1.0
Received: by 10.52.173.209 with SMTP id bm17mr326586vdc.54.1336580315681; Wed,
09 May 2012 09:18:35 -0700 (PDT)
Received: by 10.220.191.134 with HTTP; Wed, 9 May 2012 09:18:35 -0700 (PDT)
X-Originating-IP: [99.50.225.7]
Date: Wed, 9 May 2012 12:18:35 -0400
Message-ID: <CA+tP6Viyn0ms5RJoqtd20ms3pmQCgyU0yy7GBiaALEACcDBC2g@mail.gmail.com>
Subject: test5
From: Kendall Hopkins <mail@*personaldomain*.com>
To: mail@kendall.*domain*.com
Content-Type: multipart/alternative; boundary=bcaec51b9bf5ee11c004bf9cda9c
X-Gm-Message-State: ALoCoQm3t1Hohu7fEr5zxQZsC8FQocg662Jv5MXlPXBnPnx2AiQrbLsNQNknLy39Su45xBMCM47K
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - web6.*domain*.com
X-AntiAbuse: Original Domain - kendall.*domain*.com
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - *personaldomain*.com
X-Source:
X-Source-Args:
X-Source-Dir:
--bcaec51b9bf5ee11c004bf9cda9c
Content-Type: text/plain; charset=ISO-8859-1
test5
--bcaec51b9bf5ee11c004bf9cda9c
Content-Type: text/html; charset=ISO-8859-1
test5
--bcaec51b9bf5ee11c004bf9cda9c--
Email forwarded via AWS postfix box (marked as spam):
Delivered-To: *personaluser*@gmail.com
Received: by 10.182.144.98 with SMTP id sl2csp14350obb;
Wed, 9 May 2012 09:17:46 -0700 (PDT)
Received: by 10.229.137.143 with SMTP id w15mr389471qct.37.1336580266237;
Wed, 09 May 2012 09:17:46 -0700 (PDT)
Return-Path: <mail@*personaldomain*.com>
Received: from sputnik.*domain*.com (sputnik.*domain*.com. [107.21.39.201])
by mx.google.com with ESMTP id o8si1330855qct.115.2012.05.09.09.17.46;
Wed, 09 May 2012 09:17:46 -0700 (PDT)
Received-SPF: neutral (google.com: 107.21.39.201 is neither permitted nor denied by best guess record for domain of mail@*personaldomain*.com) client-ip=107.21.39.201;
Authentication-Results: mx.google.com; spf=neutral (google.com: 107.21.39.201 is neither permitted nor denied by best guess record for domain of mail@*personaldomain*.com) smtp.mail=mail@*personaldomain*.com
Received: from mail-vb0-f52.google.com (mail-vb0-f52.google.com [209.85.212.52])
by sputnik.*domain*.com (Postfix) with ESMTP id A308122AD6
for <mail@*personaldomain2*.com>; Wed, 9 May 2012 16:17:45 +0000 (UTC)
Received: by vbzb23 with SMTP id b23so448664vbz.25
for <mail@*personaldomain2*.com>; Wed, 09 May 2012 09:17:45 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=google.com; s=20120113;
h=mime-version:x-originating-ip:date:message-id:subject:from:to
:content-type:x-gm-message-state;
bh=XAzjH9tUXn6SbadVSLwJs2JVbyY4arosdTuV8Nv+ARI=;
b=U8gIgHd6mhWYqPU4MH/eyvo3kyZsDn/GiYwZj5CLbs6Zz/ZOXQkenRi7zW3ewVFi/9
uAFylT8SQ+Wjw2l6OgAioCTojfZ58s4H/JW+1bu460KAP9aeOTcZDNSsHlsj0wvH5XRV
4DQJa11kz+WFVtVVcFuB33WVUPAgJfXzY+pSTe+FWsrZyrrwL7/Vm9TSKI5PBwRN9i4g
zAZabgkmw1o2THT3kbJi6vAbPzlqK2LVbgt82PP0emHdto7jl4iD5F6lVix4U0dsrtRv
xuGUE0gDyIwJuR4Q5YTkNubwGH/Y2bFBtpx2q1IORANrolWxIGaZSceUWawABkBGPABX
1/eg==
MIME-Version: 1.0
Received: by 10.52.96.169 with SMTP id dt9mr282954vdb.107.1336580265812; Wed,
09 May 2012 09:17:45 -0700 (PDT)
Received: by 10.220.191.134 with HTTP; Wed, 9 May 2012 09:17:45 -0700 (PDT)
X-Originating-IP: [99.50.225.7]
Date: Wed, 9 May 2012 12:17:45 -0400
Message-ID: <CA+tP6VgqZrdxP543Y28d1eMwJAs4DxkS4EE6bvRL8nFoMkgnQQ@mail.gmail.com>
Subject: test4
From: Kendall Hopkins <mail@*personaldomain*.com>
To: mail@*personaldomain2*.com
Content-Type: multipart/alternative; boundary=20cf307f37f6f521b304bf9cd79d
X-Gm-Message-State: ALoCoQkrNcfSTWz9t6Ir87KEYyM+zJM4y1AbwP86NMXlk8B3ALhnis+olFCKdgPnwH/sIdzF3+Nh
--20cf307f37f6f521b304bf9cd79d
Content-Type: text/plain; charset=ISO-8859-1
test4
--20cf307f37f6f521b304bf9cd79d
Content-Type: text/html; charset=ISO-8859-1
test4
--20cf307f37f6f521b304bf9cd79d--
I believe reverse DNS should be setup by Datacentre where your servers are hosted and as per my knowledge this flexibility you cannot have in AWS , when you are sending emails to google from AWS postix google seeing emails coming from private IP (10.229.137.143 and 10.182.144.98).this is the reason why you emails from AWS are getting into SPAM folder.
You're using google to send mail to your mailserver, which you then forward to gmail.
This is not a useful test.